Chrome. I know that might be hard to believe but the switches work. You can absolutely stop Google from prefetching their usual services. Plus I don’t login with a Google account on the browser, that makes a huge difference.
Arch is not stable but it’s easy to fix issues arising from its rolling release nature. One of the ways being utilizing the AUR packagedowngradefor easy package version rollbacks. I should also note that the most common reason for Arch breaking is rarely ever because of the distro itself but because upstream has introduced breaking changes. You can see this when an upstream feature breaks in Arch, then Fedora picks up the same bug a few weeks/month later.
Arch is however the most solid distro I’ve ever used since I began using Linux many many moons ago.
One thing that is an Arch problem is that, if you do not update often enough, you can end-up with outdated keys that prevent you from installing before packages. The solution is just to update the keyring before updating everything else but this is confusing for a new user and kind of dumb in my opinion. I feel like the system should do this for me.
Arch already does this. Could be that your install has the keyring refresh service disabled but I’ve had it enabled for a good while now and I’ve never encountered that outdated pacman keyring issue.
Arch breaks all the time. It has to because upstream is usually always changing so breakage is inevitable.
Though a person’s mileage on this may vary (less update frequency, less no of programs etc.), the constant thing about rolling release is that breakages within software releases are to be expected.
I had always used Windows for the longest time. I used a certain cloud service and was impressed with how easy it was to manage services with docker. Fast forward a couple of years and I got a small mini-PC with Windows. I tried to install docker on it but Windows back then had no way of using Docker without virtualizing it with Hyper-V, a Pro feature. I thought let me give this another try. I tried to replicate the same setup with NSSM tools. It kinda worked eventually but it was a dirty hack at best and I did not like this solution.
I thought to myself, why would I pay Microsoft to use a feature I can use for free with Linux and get better performance while at it.
Gnome’s window sizing has always looked comical on my display. So I fix it with Orchis gtk compact theme. Also GSconnect is an irreplaceable utility for me.
I would say you are already secure enough if you are using software from official/trusted repositories and updating them on a regular basis.
That said, if you want extra security. Drop all software that cannot run on Wayland and go even further by isolating all desktop applications with the Flatpak sandbox. This is made extremely easy with Flatseal. Maximum points if you setup secure boot.